CVE-2025-59449

Researchers Say YoLink Smart Hub Vulnerabilities Could Let Attackers Control Locks

News, Research, Risk, Vendors, Vulnerabilities

October 3, 2025

Researchers at Bishop Fox have disclosed multiple vulnerabilities in the YoLink Smart Hub v0382 that can bypass authorization, expose credentials over unencrypted MQTT, and allow attackers to control devices including smart locks; the manufacturer has not yet issued a patch.